Domain Name Service (DNS) is used to translate human-readable names of machines and, more commonly, services on the Internet into machine-readable numeric addresses to facilitate the routing of Internet traffic. An electronic DNS packet is a block of electronic bits typically including a source address, a destination address, a protocol identifier (Transmission Control Protocol (TCP) or User Datagram Protocol (UDP)), a port number (typically 53), and a data payload normally consisting of a query or a response. When DNS service slows or fails, Internet traffic is similarly hampered. Maintaining DNS service that is resilient against attack and that prioritizes responses to known-good partners is a prerequisite to maintaining high availability of Internet service generally.
There are, however, bad actors, such as computer hackers, cyber-criminals, and even national governments, that seek to attack the Domain Name System using what are referred to as Denial of Service (DoS) attacks. In a DoS attack, the attacker attempts to bombard a victim network or server with a large volume of traffic. The traffic overload consumes the victim's available bandwidth, CPU capacity, or other critical or constrained resources. These DoS attacks attempt to deny legitimate users access to the DNS service, thereby preventing their computers from resolving names, such as those of web sites or email addresses, to Internet Protocol addresses. Ultimately, the bad actors seek to prevent users from achieving their desired goal and to prevent the DNS from properly and effectively rendering its essential service. When successful, these attacks make Internet access slow, unreliable, or entirely unavailable, thereby leading to inconvenience, lost productivity, and real economic losses.